bcgit
diff --git a/‎core/src/main/java/org/bouncycastle/crypto/agreement/ECVKOAgreement.java‎
Lines changed: 19 additions & 52 deletions b/‎core/src/main/java/org/bouncycastle/crypto/agreement/ECVKOAgreement.java‎
Lines changed: 19 additions & 52 deletions
diff --git a/‎core/src/main/java/org/bouncycastle/crypto/params/ParametersWithUKM.java‎
Lines changed: 4 additions & 4 deletions b/‎core/src/main/java/org/bouncycastle/crypto/params/ParametersWithUKM.java‎
Lines changed: 4 additions & 4 deletions
diff --git a/‎core/src/main/java/org/bouncycastle/crypto/signers/ECGOST3410_2012Signer.java‎
Lines changed: 3 additions & 152 deletions b/‎core/src/main/java/org/bouncycastle/crypto/signers/ECGOST3410_2012Signer.java‎
Lines changed: 3 additions & 152 deletions
diff --git a/‎core/src/main/java/org/bouncycastle/util/Arrays.java‎
Lines changed: 11 additions & 0 deletions b/‎core/src/main/java/org/bouncycastle/util/Arrays.java‎
Lines changed: 11 additions & 0 deletions
diff --git a/‎core/src/test/java/org/bouncycastle/crypto/test/AsymmetricConstraintsTest.java‎
Lines changed: 0 additions & 2 deletions b/‎core/src/test/java/org/bouncycastle/crypto/test/AsymmetricConstraintsTest.java‎
Lines changed: 0 additions & 2 deletions
diff --git a/‎prov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ECGOST.java‎
Lines changed: 5 additions & 8 deletions b/‎prov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ECGOST.java‎
Lines changed: 5 additions & 8 deletions
diff --git a/‎prov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/GOST.java‎
Lines changed: 1 addition & 0 deletions b/‎prov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/GOST.java‎
Lines changed: 1 addition & 0 deletions
@@ -11,7 +11,7 @@
 import org.bouncycastle.crypto.params.ParametersWithUKM;
 import org.bouncycastle.math.ec.ECAlgorithms;
 import org.bouncycastle.math.ec.ECPoint;
-import org.bouncycastle.util.BigIntegers;
+import org.bouncycastle.util.Arrays;
 
 /**
  * GOST VKO key agreement class - RFC 7836 Section 4.3
@@ -28,24 +28,30 @@ public ECVKOAgreement(Digest digest)
         this.digest = digest;
     }
 
-    public void init(
-        CipherParameters key)
+    public void init(CipherParameters key)
     {
         ParametersWithUKM p = (ParametersWithUKM)key;
 
         this.key = (ECPrivateKeyParameters)p.getParameters();
-        this.ukm = toInteger(p.getUKM());
+        this.ukm = new BigInteger(1, Arrays.reverse(p.getUKM()));
 
         CryptoServicesRegistrar.checkConstraints(Utils.getDefaultProperties("ECVKO", this.key));
     }
 
+    public int getAgreementSize()
+    {
+        return digest.getDigestSize();
+    }
+
+    /**
+     * @deprecated Will be removed
+     */
     public int getFieldSize()
     {
         return (key.getParameters().getCurve().getFieldSize() + 7) / 8;
     }
 
-    public byte[] calculateAgreement(
-        CipherParameters pubKey)
+    public byte[] calculateAgreement(CipherParameters pubKey)
     {
         ECPublicKeyParameters pub = (ECPublicKeyParameters)pubKey;
         ECDomainParameters params = key.getParameters();
@@ -60,7 +66,7 @@ public byte[] calculateAgreement(
         ECPoint pubPoint = ECAlgorithms.cleanPoint(params.getCurve(), pub.getQ());
         if (pubPoint.isInfinity())
         {
-            throw new IllegalStateException("Infinity is not a valid public key for ECDHC");
+            throw new IllegalStateException("Infinity is not a valid public key for ECVKO");
         }
 
         ECPoint P = pubPoint.multiply(hd).normalize();
@@ -70,55 +76,16 @@ public byte[] calculateAgreement(
             throw new IllegalStateException("Infinity is not a valid agreement value for ECVKO");
         }
 
-        return fromPoint(P);
-    }
-
-    private static BigInteger toInteger(byte[] ukm)
-    {
-        byte[] v = new byte[ukm.length];
-
-        for (int i = 0; i != v.length; i++)
-        {
-            v[i] = ukm[ukm.length - i - 1];
-        }
-
-        return new BigInteger(1, v);
-    }
-
-    private byte[] fromPoint(ECPoint v)
-    {
-        BigInteger bX = v.getAffineXCoord().toBigInteger();
-        BigInteger bY = v.getAffineYCoord().toBigInteger();
-
-        int size;
-        if (bX.toByteArray().length > 33)
-        {
-            size = 64;
-        }
-        else
-        {
-            size = 32;
-        }
-
-        byte[] bytes = new byte[2 * size];
-        byte[] x = BigIntegers.asUnsignedByteArray(size, bX);
-        byte[] y = BigIntegers.asUnsignedByteArray(size, bY);
+        byte[] encoding = P.getEncoded(false);
+        int encodingLength = encoding.length;
+        int feSize = encodingLength / 2;
 
-        for (int i = 0; i != size; i++)
-        {
-            bytes[i] = x[size - i - 1];
-        }
-        for (int i = 0; i != size; i++)
-        {
-            bytes[size + i] = y[size - i - 1];
-        }
-
-        digest.update(bytes, 0, bytes.length);
+        Arrays.reverseInPlace(encoding, encodingLength - feSize * 2, feSize);
+        Arrays.reverseInPlace(encoding, encodingLength - feSize    , feSize);
 
         byte[] rv = new byte[digest.getDigestSize()];
-
+        digest.update(encoding, encodingLength - feSize * 2, feSize * 2);
         digest.doFinal(rv, 0);
-
         return rv;
     }
 }
@@ -18,13 +18,13 @@ public ParametersWithUKM(
     public ParametersWithUKM(
         CipherParameters    parameters,
         byte[] ukm,
-        int                 ivOff,
-        int                 ivLen)
+        int                 ukmOff,
+        int                 ukmLen)
     {
-        this.ukm = new byte[ivLen];
+        this.ukm = new byte[ukmLen];
         this.parameters = parameters;
 
-        System.arraycopy(ukm, ivOff, this.ukm, 0, ivLen);
+        System.arraycopy(ukm, ukmOff, this.ukm, 0, ukmLen);
     }
 
     public byte[] getUKM()
 
@@ -1,160 +1,11 @@
 package org.bouncycastle.crypto.signers;
 
-import java.math.BigInteger;
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.CryptoServicesRegistrar;
-import org.bouncycastle.crypto.DSAExt;
-import org.bouncycastle.crypto.params.ECDomainParameters;
-import org.bouncycastle.crypto.params.ECKeyParameters;
-import org.bouncycastle.crypto.params.ECPrivateKeyParameters;
-import org.bouncycastle.crypto.params.ECPublicKeyParameters;
-import org.bouncycastle.crypto.params.ParametersWithRandom;
-import org.bouncycastle.math.ec.ECAlgorithms;
-import org.bouncycastle.math.ec.ECConstants;
-import org.bouncycastle.math.ec.ECMultiplier;
-import org.bouncycastle.math.ec.ECPoint;
-import org.bouncycastle.math.ec.FixedPointCombMultiplier;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.BigIntegers;
-
 /**
  * GOST R 34.10-2012 Signature Algorithm
+ * 
+ * @deprecated Use {@link ECGOST3410Signer} instead.
  */
 public class ECGOST3410_2012Signer
-    implements DSAExt
+    extends ECGOST3410Signer
 {
-    ECKeyParameters key;
-
-    SecureRandom    random;
-
-    public void init(
-        boolean                 forSigning,
-        CipherParameters        param)
-    {
-        if (forSigning)
-        {
-            if (param instanceof ParametersWithRandom)
-            {
-                ParametersWithRandom    rParam = (ParametersWithRandom)param;
-
-                this.random = rParam.getRandom();
-                this.key = (ECPrivateKeyParameters)rParam.getParameters();
-            }
-            else
-            {
-                this.random = CryptoServicesRegistrar.getSecureRandom();
-                this.key = (ECPrivateKeyParameters)param;
-            }
-        }
-        else
-        {
-            this.key = (ECPublicKeyParameters)param;
-        }
-
-        CryptoServicesRegistrar.checkConstraints(Utils.getDefaultProperties("ECGOST3410_2012", key, forSigning));
-    }
-
-    public BigInteger getOrder()
-    {
-        return key.getParameters().getN();
-    }
-
-    /**
-     * generate a signature for the given message using the key we were
-     * initialised with. For conventional GOST3410 2012 the message should be a GOST3411 2012
-     * hash of the message of interest.
-     *
-     * @param message the message that will be verified later.
-     */
-    public BigInteger[] generateSignature(
-        byte[] message)
-    {
-        byte[] mRev = Arrays.reverse(message); // conversion is little-endian
-        BigInteger e = new BigInteger(1, mRev);
-
-        ECDomainParameters ec = key.getParameters();
-        BigInteger n = ec.getN();
-        BigInteger d = ((ECPrivateKeyParameters)key).getD();
-
-        BigInteger r, s;
-
-        ECMultiplier basePointMultiplier = createBasePointMultiplier();
-
-        do // generate s
-        {
-            BigInteger k;
-            do // generate r
-            {
-                do
-                {
-                    k = BigIntegers.createRandomBigInteger(n.bitLength(), random);
-                }
-                while (k.equals(ECConstants.ZERO));
-
-                ECPoint p = basePointMultiplier.multiply(ec.getG(), k).normalize();
-
-                r = p.getAffineXCoord().toBigInteger().mod(n);
-            }
-            while (r.equals(ECConstants.ZERO));
-
-            s = (k.multiply(e)).add(d.multiply(r)).mod(n);
-        }
-        while (s.equals(ECConstants.ZERO));
-
-        return new BigInteger[]{ r, s };
-    }
-
-    /**
-     * return true if the value r and s represent a GOST3410 2012 signature for
-     * the passed in message (for standard GOST3410 2012 the message should be
-     * a GOST3411 2012 hash of the real message to be verified).
-     */
-    public boolean verifySignature(
-        byte[]      message,
-        BigInteger  r,
-        BigInteger  s)
-    {
-        byte[] mRev = Arrays.reverse(message); // conversion is little-endian
-        BigInteger e = new BigInteger(1, mRev);
-        BigInteger n = key.getParameters().getN();
-
-        // r in the range [1,n-1]
-        if (r.compareTo(ECConstants.ONE) < 0 || r.compareTo(n) >= 0)
-        {
-            return false;
-        }
-
-        // s in the range [1,n-1]
-        if (s.compareTo(ECConstants.ONE) < 0 || s.compareTo(n) >= 0)
-        {
-            return false;
-        }
-
-        BigInteger v = BigIntegers.modOddInverseVar(n, e);
-
-        BigInteger z1 = s.multiply(v).mod(n);
-        BigInteger z2 = (n.subtract(r)).multiply(v).mod(n);
-
-        ECPoint G = key.getParameters().getG(); // P
-        ECPoint Q = ((ECPublicKeyParameters)key).getQ();
-
-        ECPoint point = ECAlgorithms.sumOfTwoMultiplies(G, z1, Q, z2).normalize();
-
-        // components must be bogus.
-        if (point.isInfinity())
-        {
-            return false;
-        }
-
-        BigInteger R = point.getAffineXCoord().toBigInteger().mod(n);
-
-        return R.equals(r);
-    }
-
-    protected ECMultiplier createBasePointMultiplier()
-    {
-        return new FixedPointCombMultiplier();
-    }
 }
@@ -1090,6 +1090,17 @@ public static byte[] reverseInPlace(byte[] a)
         return a;
     }
 
+    public static void reverseInPlace(byte[] a, int aOff, int aLen)
+    {
+        int p1 = aOff, p2 = aOff + aLen - 1;
+        while (p1 < p2)
+        {
+            byte t1 = a[p1], t2 = a[p2];
+            a[p1++] = t2;
+            a[p2--] = t1;
+        }
+    }
+
     public static int[] reverseInPlace(int[] a)
     {
         if (null == a)
 
@@ -95,7 +95,6 @@
 import org.bouncycastle.crypto.signers.DSTU4145Signer;
 import org.bouncycastle.crypto.signers.ECDSASigner;
 import org.bouncycastle.crypto.signers.ECGOST3410Signer;
-import org.bouncycastle.crypto.signers.ECGOST3410_2012Signer;
 import org.bouncycastle.crypto.signers.Ed25519Signer;
 import org.bouncycastle.crypto.signers.Ed25519ctxSigner;
 import org.bouncycastle.crypto.signers.Ed25519phSigner;
@@ -389,7 +388,6 @@ private void testEC()
         // first though.
         ecSignerTest(kp.getPublic(), kp.getPrivate(), new ECDSASigner());
         ecSignerTest(kp.getPublic(), kp.getPrivate(), new DSTU4145Signer());
-        ecSignerTest(kp.getPublic(), kp.getPrivate(), new ECGOST3410_2012Signer());
         ecSignerTest(kp.getPublic(), kp.getPrivate(), new ECGOST3410Signer());
         ecSignerTest(kp.getPublic(), kp.getPrivate(), new SM2Signer());
 
 
@@ -66,8 +66,8 @@ public void configure(ConfigurableProvider provider)
                     "ECGOST3410-2012",
                     new org.bouncycastle.jcajce.provider.asymmetric.ecgost12.KeyFactorySpi());
             registerOid(provider, RosstandartObjectIdentifiers.id_tc26_agreement_gost_3410_12_256,
-                             "ECGOST3410-2012",
-                             new org.bouncycastle.jcajce.provider.asymmetric.ecgost12.KeyFactorySpi());
+                    "ECGOST3410-2012",
+                    new org.bouncycastle.jcajce.provider.asymmetric.ecgost12.KeyFactorySpi());
             registerOidAlgorithmParameters(provider,
                     RosstandartObjectIdentifiers.id_tc26_gost_3410_12_256, "ECGOST3410-2012");
 
@@ -82,17 +82,13 @@ public void configure(ConfigurableProvider provider)
 
             provider.addAlgorithm("KeyPairGenerator.ECGOST3410-2012",
                     PREFIX_GOST_2012 + "KeyPairGeneratorSpi");
-            provider.addAlgorithm("Alg.Alias.KeyPairGenerator.ECGOST3410-2012",
-                    "ECGOST3410-2012");
             provider.addAlgorithm("Alg.Alias.KeyPairGenerator.GOST-3410-2012",
                     "ECGOST3410-2012");
 
             // 256 signature
 
             provider.addAlgorithm("Signature.ECGOST3410-2012-256",
                     PREFIX_GOST_2012 + "ECGOST2012SignatureSpi256");
-            provider.addAlgorithm("Alg.Alias.Signature.ECGOST3410-2012-256",
-                    "ECGOST3410-2012-256");
             provider.addAlgorithm("Alg.Alias.Signature.GOST-3410-2012-256",
                     "ECGOST3410-2012-256");
             provider.addAlgorithm("Alg.Alias.Signature.GOST3411WITHECGOST3410-2012-256",
@@ -104,7 +100,6 @@ public void configure(ConfigurableProvider provider)
 
             // 512 signature
 
-
             provider.addAlgorithm("Signature.ECGOST3410-2012-512",
                     PREFIX_GOST_2012 + "ECGOST2012SignatureSpi512");
             provider.addAlgorithm("Alg.Alias.Signature.ECGOST3410-2012-512",
@@ -113,11 +108,13 @@ public void configure(ConfigurableProvider provider)
                     "ECGOST3410-2012-512");
             provider.addAlgorithm("Alg.Alias.Signature.GOST3411WITHECGOST3410-2012-512",
                       "ECGOST3410-2012-512");
-            
+
             addSignatureAlgorithm(provider, "GOST3411-2012-512", "ECGOST3410-2012-512",
                     PREFIX_GOST_2012 + "ECGOST2012SignatureSpi512",
                     RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_512);
 
+            // KeyAgreement
+
             provider.addAlgorithm("KeyAgreement.ECGOST3410-2012-256", PREFIX_GOST_2012 + "KeyAgreementSpi$ECVKO256");
             provider.addAlgorithm("KeyAgreement.ECGOST3410-2012-512", PREFIX_GOST_2012 + "KeyAgreementSpi$ECVKO512");
 
 
@@ -39,6 +39,7 @@ public void configure(ConfigurableProvider provider)
             provider.addAlgorithm("Alg.Alias.Signature.GOST3411withGOST3410", "GOST3410");
             provider.addAlgorithm("Alg.Alias.Signature.GOST3411WITHGOST3410", "GOST3410");
             provider.addAlgorithm("Alg.Alias.Signature.GOST3411WithGOST3410", "GOST3410");
+            provider.addAlgorithm("Alg.Alias.Signature.GOST3411/GOST3410", "GOST3410");
             provider.addAlgorithm("Alg.Alias.Signature." + CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94, "GOST3410");